Encouraging Steps on Privacy from Facebook

Today, Facebook announced positive steps to ensure that platform applications will begin adhering to a new standard of transparency: before users connect to an application, they will interact with a dialog box that details exactly what pieces of personal information the user will have to share in order to use the app.

In the past, Facebook users who wanted to connect with an application were presented with a dialog box that indicated the application may "pull your profile information, photos, your friends' info, and other content that it requires to work." Users did not have the tools to differentiate those applications that pulled only the information they needed to work from those that more liberally requested user data. But once Facebook fully implements the announced changes, users who install new applications will be told exactly what information these applications are requesting, whether it is their political interests and work history, friends’ photo albums and current city, or all of the above. By giving users granular and easy-to-understand notice of an application’s data collection practices, Facebook will be empowering them to make more informed decisions around sharing their data.

The new permissions model also creates real incentives for application developers to minimize their data collection: now that they have to be transparent about what types of data they are collecting, application developers may think twice before asking for access to information in excess of what they need to deliver their advertised product. Hopefully, these changes will also benefit those developers who have, from the get-go, designed applications that limit their data requests and respect users’ privacy.

Facebook has also added language to its Developer Principles & Policies that requires developers to provide an easily accessible mechanism by which users can request deletion of all personal data that an application has received from Facebook. While it will be impossible to enforce this requirement in full, Facebook will be able to hold accountable those applications that operate in violation of the policy and that come to the company’s attention, either through spot checks or complaints.

It is encouraging to see Facebook act on its stated commitment to providing users with simple but real control over their information. And while, among otherthings, Facebook’s defaults for data sharing with applications still need improvement (Many users unknowingly allow their friends to share their profile information – even contact information and photos – with any application that requests it), the changes Facebook announced today represent an important and positive step for the company.